• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Skip to footer
  • Our Services
  • Contact Us
  • Newsletter
  • Top Nav Social Icons

Mobile ID World

Mobile ID World

Identification Revolution

  • Mobile ID
    • What Is Mobile ID?
    • Identity Associations
    • Premier Partners
    • FAQ
  • News
  • Solutions
    • Behavioral
    • Facial Recognition
    • Fingerprint Biometrics
    • Iris Biometrics
    • Second Factor
    • Smart Cards
    • Smartphones
    • Vital
    • Voice
    • Wearable Tech
    • Other
  • Applications
    • Access Control
    • Cloud Technology
    • Commerce
    • Enterprise
    • Healthcare
    • Identification
    • Internet of Things
    • Law Enforcement
    • Strong Online Authentication
  • Exclusive
    • Interviews
    • Featured Articles
    • Podcasts
  • Companies
  • Events

Meta’s Anonymous Credential Service Enables Privacy-protecting Authentication

April 18, 2022

Meta is trying to come up with new ways to process large amounts of data while still protecting the privacy of people on its platforms. To that end, the company has started using a new Anonymous Credential Service (ACS) that is the result of collaboration between academia and the private sector.

Meta's Anonymous Credential Service Enables Privacy-protecting Authentication

In practice, the ACS is essentially an authentication service that can verify someone’s identity without needing to know any personal details. The solution relies on the exchange of tokens that can be used as secure authentication factors even after identifying information has been obscured. The two-phase authentication process begins when an end user sends a token request to a server through a secure channel. The user picks a ‘blinding factor’ to encode the token, and the server signs the token and sends it back to the user.

The second phase is the actual authentication, in which the user unblinds the signed token and sends it (instead of a user ID) for approval through an anonymous channel. The ACS uses a shared secret to confirm that the token is legitimate, and that the request is coming from an authentic source. The token generation process and the authentication process are completely separate to ensure that the data being processed has been distanced from the person that it belongs to.

According to Meta, the new solution is useful because it minimizes the computational burden on its servers. In that regard, the ACS is able to proactively de-identify data before it hits Meta’s servers, and requires less resources than the tech giant’s old system that de-identified and aggregated data after it had already been processed.

Meta also allows people to reuse tokens a set number of times before creating a new one to further reduce the strain on its data centers. However, the company requires a new token each time a user is authenticated for certain high-risk transactions. The ACS has now been deployed across several high-volume Meta applications, including WhatsApp, where it allows Meta to gather performance data that can be used to improve the app without collecting personal information from individual users.

ACS is built on top of a Twine foundation with C++ code. Meta itself has struggled with privacy in the past, most notably with the Cambridge Analytica scandal and its BIPA lawsuit in Illinois. In the former, the FTC fined Meta (then Facebook) $5 billion for sharing personal information with third parties without consent, while in the latter, the company paid $650 million to settle a suit that alleged that the company illegally gathered and stored biometric data from its users.

With that in mind, the ACS could give Meta a way to process data while mitigating its legal exposure in the wake of those high-profile (and expensive cases). The company has already decided to discontinue its facial recognition program in the wake of the BIPA settlement.

Filed Under: Carousel, Featured, Industry News Tagged With: anonymity, Anonymous Credential Service, authentication, cryptography, Facebook, Meta, Meta ACS, Meta Anonymous Credential Service, privacy, privacy protections, WhatsApp

Related News & Articles

Clinical Study Shows Biometric Wearables Can Predict Flu and Cold Infections

IDEMIA and G+D Form Independent Alliance on Payments Industry Standards

Mobile Account Registration in China Now Requires Facial Recognition Scan

Primary Sidebar

Learn About Mobile ID and Aviation

Tweets

Sponsored Links

facetec logo

FaceTec’s patented, industry-leading 3D Face Authentication software anchors digital identity, creating a chain of trust from user onboarding to ongoing authentication on all modern smart devices and webcams. FaceTec’s 3D FaceMaps™ make trusted, remote identity verification finally possible. As the only technology backed by a persistent spoof bounty program and NIST/iBeta Certified Liveness Detection, FaceTec is the global standard for Liveness and 3D Face Matching with millions of users on six continents in financial services, border security, transportation, blockchain, e-voting, social networks, online dating and more. www.facetec.com

FACEPHI is a global leader in Facial Recognition technology and in Mobile Biometrics technologies. With a strong concentration in the financial sector, FacePhi’s product is rapidly becoming a service used by banks all over the world. Its implementation doesn’t just save money, it is also a way to attract clients and build loyalty, while increasing the security of transactions for both the customer and the business. To learn more about FacePhi, visit https://www.facephi.com/en/

Recent Posts

  • NordPass, Yahoo! Japan, and Regula Keep Up Mobile Biometrics Momentum
  • NordPass Enables Biometric, TOTP-secured 2FA for Business Users
  • Mastercard Solution Certified Under UK’s Digital ID Framework
  • Transatlantic Digital Traveler Identity Project Gets High-Profile Tech Partner
  • Digital Identity Tech Demo Online Event

Footer

  • About Us
  • Company Directory
  • Advertise With Us
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • Archives
  • CCPA: Do not sell my personal info.

Follow Us

Copyright © 2023 MobileIDWorld